M.SC. THESISDEFENDED 19 SEP 2021 · GRADE: EXCELLENT

Implementation of Machine-Learning-based Attacks on PUF

University of Tehran · Digital Electronic Systems · 2018 – 2021

TITLE
Implementation of Machine-Learning-based Attacks on PUF
DEGREE
M.Sc. in Electrical Engineering — Digital Electronic Systems
UNIVERSITY
University of Tehran, Tehran, Iran
DEFENDED
19 September 2021
GRADE
Excellent
SUPERVISOR
Dr. Bijan Alizadeh

Overview

clk

Securing communication in the Internet of Things is not just an encryption problem — it is an authentication problem. If a device cannot prove who it is, an attacker can simply replay or relay legitimate messages, and encryption alone does not help. Physical Unclonable Functions (PUFs) offer a lightweight answer: they derive a device-unique challenge–response behaviour from uncontrollable manufacturing variation, giving every chip a fingerprint that is cheap to evaluate and hard to clone.

PUFs, however, have a well-known weakness: their challenge–response behaviour can often be learned. This thesis attacks the problem from both sides. On the offensive side, I developed two machine-learning strategies that model the behaviour of RPUF and OBPUF architectures with significantly improved attack efficiency compared to prior approaches.

On the defensive side, the lessons from those attacks led to SQ-PUF, a secure, scalable PUF-based authentication architecture designed to resist machine-learning attacks. I evaluated SQ-PUF for ML-attack resilience as well as the standard PUF quality metrics — uniformity and uniqueness — and its hardware overhead. The same research line later produced DC-PUF, an ML-resistant PUF-based authentication protocol for resource-constrained IoT, published in the Journal of Network & Computer Applications.

Contributions

valid
  • Two ML attack strategies against the RPUF and OBPUF architectures, with significantly improved attack efficiency over previous work.
  • SQ-PUF: a secure, scalable, ML-attack-resistant PUF-based authentication architecture, published in the Iranian Journal of Electrical and Computer Engineering.
  • Systematic evaluation of ML-attack resilience, uniformity, uniqueness, and hardware overhead of the proposed architecture.
  • Research continuity: the thesis line matured into DC-PUF, an ML-resistant authentication protocol for resource-constrained IoT (J. Network & Computer Applications, 2023).

Methods & technologies

en
  • Physical Unclonable Functions (RPUF, OBPUF)
  • Machine-learning modeling attacks
  • CNN / SVM models in Python
  • Authentication protocol design
  • FPGA implementation
  • Uniformity & uniqueness metrics
  • Hardware overhead analysis

Outcomes & publications

done

// full list on the publications section of the main page